Data security for digital data storage

US 20070067647A1
Filed: 08/11/2006
Published: 03/22/2007
Est. Priority Date: 03/26/1999
Status: Active Grant

First Claim

Patent Images

1. In a personal computer having encryption hardware and a processor, a method of storing data on data storage media comprising:

retrieving information from a bus-to-bus bridge in a personal computer, the information identifying which data storage media are selected to receive encrypted data;

disabling encryption of data routed to one of the data storage media in response to the retrieved information;

encrypting and decrypting data based on the disabling step, for storage on and retrieval from the data storage media; and

storing the data in the data storage media either in encrypted form or non-encrypted form based on the disabling step.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing system includes data encryption in the data path between a data source and data storage devices. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer.

88 Citations

View as Search Results

20 Claims

1. In a personal computer having encryption hardware and a processor, a method of storing data on data storage media comprising:
- retrieving information from a bus-to-bus bridge in a personal computer, the information identifying which data storage media are selected to receive encrypted data;
  
  disabling encryption of data routed to one of the data storage media in response to the retrieved information;
  
  encrypting and decrypting data based on the disabling step, for storage on and retrieval from the data storage media; and
  
  storing the data in the data storage media either in encrypted form or non-encrypted form based on the disabling step.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein encrypting data for storage is performed on an encrypting device that is positioned in a data path between a central processing unit and the data storage media.
  - 3. The method of claim 2, wherein the bus-to-bus bridge comprises the encryption device.
  - 4. The method of claim 1, further comprising generating a cryptographic key for use in encrypting the data.
  - 5. The method of claim 4, further comprising retrieving an identification code.
  - 6. The method of claim 5, wherein the retrieving the identification code is performed without intervention by a host processor.
  - 7. The method of claim 4, wherein the cryptographic key is based at least in part on an identification code stored in the personal computer.
  - 8. The method of claim 7, where the cryptographic key is based at least in part on user input.
  - 9. The method of claim 4, further comprising verifying the generated cryptographic key, wherein verifying comprises determining a checksum of the generated key.
  - 10. The method of claim 9, wherein the verifying occurs without intervention of by a host processor.

11. In a personal computer having encryption hardware and a processor, a method of storing data on data storage media comprising:
- retrieving information from a bus-to-bus bridge in a personal computer, the information identifying which data storage media are selected to receive encrypted data;
  
  encrypting data for storage on the data storage media selected to received encrypted data based on the retrieved information; and
  
  storing encrypted data on the data storage media selected to received encrypted data.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The method of claim 11, further comprising storing unencrypted data on the data storage media not selected to received encrypted data.
  - 13. The method of claim 11, further comprising transmitting data from a processor in the personal computer to encryption hardware in the personal computer.
  - 14. The method of claim 11, wherein encrypting data for storage is performed on an encrypting device that is positioned in a data path between a central processing unit and the data storage media.
  - 15. The method of claim 14, wherein the bus-to-bus bridge comprises the encryption device.
  - 16. The method of claim 11, further comprising generating a cryptographic key for use in encrypting the data, wherein the cryptographic key is based at least in part on an identification code stored in the personal computer.
  - 17. The method of claim 16, further comprising retrieving the identification code, wherein the retrieving the identification code is performed without intervention by a host processor.
  - 18. The method of claim 16, further comprising verifying the generated cryptographic key, wherein the verifying occurs without intervention of a host processor.

19. A method of making a computer comprising:
- storing a hardware identifier in a non-erasable memory integrated circuit;
  
  installing the non-erasable memory integrated circuit into a computer;
  
  providing a data path to data storage media;
  
  providing a bus-to-bus bridge configured to store information, the information identifying which data storage media is selected to receive encrypted data;
  
  coupling a logic circuit comprising an encryption engine to the data path; and
  
  connecting the non-erasable memory integrated circuit to the logic circuit, wherein the hardware identifier and a user input are used by an encrypting engine for encrypting data that is transmitted to the data storage media and for decrypting data that is retrieved from the data storage media, wherein the encryption engine is configured to disable encryption of data routed to the data storage media in response to the information.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein connecting comprises routing a serial data bus from the non-erasable memory integrated circuit to the logic circuit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Round Rock Research LLC
Original Assignee
Round Rock Research LLC
Inventors
Klein, Dean

Granted Patent

US 7,861,094 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/80   in storage media based on m...

G06F 21/85   interconnection devices, e....

Data security for digital data storage

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

88 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Data security for digital data storage

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

88 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links